PHP has fixed several vulnerabilities allowing remote code execution

  • 19 October 2014
  • 0 replies
  • 212 views

Userlevel 7
Badge +54
by Sabari Selvan on Sunday, October 19, 2014
 


 
 
 
 
 
 
 
 
 
 
 
 
 
The PHP development team has released new versions in order to fix three security vulnerabilities -one of them is said to be a critical one and leads to remote code execution.
The vulnerability identified as "CVE-2014-3669" can cause an integer overflow when parsing specially crafted serialized data with the unserialize ().The vulnerability is only a 32-bit system, but the danger is caused by the breach and that the serialized data often come from user-controlled channels.
 
Full Article

0 replies

Be the first to reply!

Reply